Part A

Your discussion needs to be closely related to the XYZUNI scenario in the Appendix A

Question 1 A) Define the three components of C.I.A triad? Explain them?

B) Critically discussthe information security processes of identification, authentication, authorisation, and accountability?

C) List and critically discuss three challenges in shaping the security policy?

D) Critically discuss the importance of the maintenance phase for information security management systems?

E) In the context of information security, critically discuss the differences between policies, standards, guidelines and procedures?

Part B - Answer any TWO Questions

Your discussion needs to be closely related to the XYZUNI scenario in the Appendix A

Question 2

A) Critically discuss three benefits of project management in the field of information security?

B) List andcritically discuss three key areas of concern for risk management?

Question 3

A) Name the five strategies for risk treatment? Critically discuss each of them?

B) Specifytwo categories of access controls? Explain them?

C) Critically discuss the criteria that could be used to determine whether an actual incident is occurring?

Question 4
A) List and critically discussthreecomponentsof contingency planning?

B) Critically discuss three objectives of the planning and risk assessment domain of the maintenance model?

Attachment:- information security processes.rar